u335221ftd.ha002.t.justns.ru Open in urlscan Pro
2a00:b700::6:b Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.id/3q2wk
Effective URL:
http://u335221ftd.ha002.t.justns.ru/voice/index.html
Submission: On February 22 via manual (February 22nd 2019, 11:53:48 am UTC) from FR

Summary HTTP 66 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 28 IPs in 9 countries across 33 domains to perform 66 HTTP transactions. The main IP is 2a00:b700::6:b, located in Russian Federation and belongs to ASBAXET, RU. The main domain is u335221ftd.ha002.t.justns.ru.

This is the only time u335221ftd.ha002.t.justns.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Credit Agricole (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	203.119.112.228 203.119.112.228	56088 (PANDI-ID ...) (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia)
1	77.222.61.40 77.222.61.40	44112 (SWEB-AS) (SWEB-AS)
1 1	2606:4700:31:... 2606:4700:31::681f:ab2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:31:... 2606:4700:31::681f:bb2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
6 28	2a00:b700::6:b 2a00:b700::6:b	51659 (ASBAXET) (ASBAXET)
5	151.139.241.23 151.139.241.23	12989 (HWNG) (HWNG)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1	74.214.194.132 74.214.194.132	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	143.204.214.103 143.204.214.103	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.208.65 143.204.208.65	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	185.86.137.42 185.86.137.42	201081 (SMARTADSE...) (SMARTADSERVER)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	147.135.143.44 147.135.143.44	16276 (OVH) (OVH)
1	18.185.14.252 18.185.14.252	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	5.179.192.20 5.179.192.20	34235 (ASPSERVEU...) (ASPSERVEUR-AS)
1	94.23.196.203 94.23.196.203	16276 (OVH) (OVH)
6	54.229.43.73 54.229.43.73	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.198 185.33.223.198	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	213.19.162.31 213.19.162.31	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2600:9000:200... 2600:9000:200d:4e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:200... 2600:9000:200d:2800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	52.30.162.218 52.30.162.218	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	185.33.223.208 185.33.223.208	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1	79.125.104.115 79.125.104.115	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	95.140.239.36 95.140.239.36	22822 (LLNW) (LLNW - Limelight Networks)
1	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	158.191.172.76 158.191.172.76	9159 () ()
66	28

1 203.119.112.228 (Indonesia)

ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID)
PTR: s.id.112.119.203.in-addr.arpa

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.222.61.40 (Russian Federation)

ASN44112 (SWEB-AS, RU)
PTR: vh222.sweb.ru

creditagri.temp.swtest.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:31::681f:ab2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:31::681f:bb2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

urlz.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:b700::6:b (Russian Federation) 6 redirects

ASN51659 (ASBAXET, RU)

u335221ftd.ha002.t.justns.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.241.23 (Dallas, United States)

ASN12989 (HWNG, NL)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (United Kingdom)

ASN16276 (OVH, FR)

g.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.132 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.103 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-103.fra53.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.65 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-65.fra53.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.42 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.135.143.44 (Waltham, United States)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.14.252 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-14-252.eu-central-1.compute.amazonaws.com

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.179.192.20 (France)

ASN34235 (ASPSERVEUR-AS, FR)
PTR: 5-179-192-20.dynamixhost.net

player.pepsia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.196.203 (France)

ASN16276 (OVH, FR)
PTR: serveur8.wilsoftech.com

www.noowho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.229.43.73 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-43-73.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.198 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.162.31 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200d:4e00:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200d:2800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.162.218 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-162-218.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.226 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.208 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.104.115 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-79-125-104-115.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.140.239.36 (United Kingdom)

ASN22822 (LLNW - Limelight Networks, Inc., US)
PTR: https-95-140-239-36.cdg.llnw.net

api.dmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.191.172.76 (France)

ASN9159 (, FR)

www.ca-aquitaine.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	justns.ru 6 redirects u335221ftd.ha002.t.justns.ru	101 KB
7	cpx.to p.cpx.to s.cpx.to	6 KB
5	themoneytizer.com ads.themoneytizer.com	114 KB
3	adnxs.com 2 redirects ib.adnxs.com secure.adnxs.com	3 KB
3	pepsia.com player.pepsia.com	53 KB
2	pubmatic.com 2 redirects image2.pubmatic.com	1005 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	929 B
2	avocet.io 2 redirects ads.avocet.io	1 KB
2	quantcount.com 1 redirects rules.quantcount.com	1 KB
2	rubiconproject.com fastlane.rubiconproject.com	3 KB
2	leadplace.fr tag.leadplace.fr	3 KB
2	urlz.fr 1 redirects urlz.fr	2 KB
1	ca-aquitaine.fr www.ca-aquitaine.fr	783 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	18 KB
1	dmcdn.net api.dmcdn.net	9 KB
1	google-analytics.com www.google-analytics.com	17 KB
1	adleadevent.com adtrack.adleadevent.com	517 B
1	turn.com 1 redirects d.turn.com	514 B
1	googleapis.com ajax.googleapis.com	30 KB
1	stickyadstv.com ads.stickyadstv.com	547 B
1	noowho.com www.noowho.com	2 KB
1	quantserve.com edge.quantserve.com	6 KB
1	criteo.com gum.criteo.com	305 B
1	sascdn.com ced-ns.sascdn.com	8 KB
1	smartadserver.com 1 redirects ww1097.smartadserver.com	481 B
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	25 KB
1	contextweb.com tag.contextweb.com	11 KB
1	tmyzer.com g.tmyzer.com c.tmyzer.com Failed	200 B
1	cloudflare.com ajax.cloudflare.com	4 KB
1	swtest.ru creditagri.temp.swtest.ru	337 B
1	s.id s.id analytics.s.id Failed	2 KB
0	dailymotion.com Failed www.dailymotion.com Failed
0	creative-serving.com Failed ads.creative-serving.com Failed
66	33

	Domain	Requested by
28	u335221ftd.ha002.t.justns.ru	6 redirects urlz.fr s.id u335221ftd.ha002.t.justns.ru
6	s.cpx.to	p.cpx.to
5	ads.themoneytizer.com	ajax.cloudflare.com ads.themoneytizer.com
3	player.pepsia.com	s.id player.pepsia.com
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ads.avocet.io	2 redirects
2	rules.quantcount.com	1 redirects
2	fastlane.rubiconproject.com	ads.themoneytizer.com
2	tag.leadplace.fr	ads.themoneytizer.com
2	urlz.fr	1 redirects
1	www.ca-aquitaine.fr	urlz.fr
1	maxcdn.bootstrapcdn.com	player.pepsia.com
1	api.dmcdn.net	player.pepsia.com
1	www.google-analytics.com	s.id
1	adtrack.adleadevent.com	ajax.googleapis.com
1	d.turn.com	1 redirects
1	ajax.googleapis.com	ads.themoneytizer.com
1	ads.stickyadstv.com	ads.themoneytizer.com
1	ib.adnxs.com	ads.themoneytizer.com
1	www.noowho.com
1	edge.quantserve.com	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	ced-ns.sascdn.com
1	ww1097.smartadserver.com	1 redirects ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	g.tmyzer.com	ads.themoneytizer.com
1	ajax.cloudflare.com	urlz.fr
1	creditagri.temp.swtest.ru	s.id
1	s.id
0	c.tmyzer.com Failed	ads.themoneytizer.com
0	www.dailymotion.com Failed	api.dmcdn.net
0	ads.creative-serving.com Failed
0	analytics.s.id Failed	s.id
66	37

This site contains links to these domains. Also see Links.

Domain
www.ca-normandie-seine.fr

Subject Issuer	Validity	Valid
*.s.id COMODO RSA Domain Validation Secure Server CA	`2018-12-03` - `2020-12-02`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
www.noowho.com Gandi Standard SSL CA 2	`2017-02-07` - `2020-02-07`	3 years	crt.sh
s.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2018-07-28` - `2019-08-28`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh
*.dmcdn.net DigiCert SHA2 High Assurance Server CA	`2018-04-23` - `2019-05-29`	a year	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
www.ca-aquitaine.fr COMODO RSA Organization Validation Secure Server CA	`2018-12-12` - `2019-12-12`	a year	crt.sh

This page contains 6 frames:

Primary Page: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Frame ID: FFA4EB114D2369D07841201231D062B2
Requests: 58 HTTP requests in this frame

Frame: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Frame ID: 7D50F69235F562D8BEC8598E3DE56653
Requests: 1 HTTP requests in this frame

Frame: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Frame ID: BAB18C65ADAE2CB524E49833558938FB
Requests: 1 HTTP requests in this frame

Frame: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: CBFD8FB7169CA5213558A2682264EB18
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 575CC81072A7CA57E699D1C102BE8D18
Requests: 5 HTTP requests in this frame

Frame: https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false
Frame ID: 1AD0F41EF7024EB49FB953C812270AAE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://s.id/3q2wk Page URL
http://creditagri.temp.swtest.ru/ Page URL
https://urlz.fr/8Xpc HTTP 301
http://urlz.fr/8Xpc Page URL
http://u335221ftd.ha002.t.justns.ru/voice HTTP 301
http://u335221ftd.ha002.t.justns.ru/voice/ HTTP 302
http://u335221ftd.ha002.t.justns.ru/voice/index.html Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

66
Requests

27 %
HTTPS

26 %
IPv6

33
Domains

37
Subdomains

28
IPs

9
Countries

418 kB
Transfer

1029 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ca-normandie-seine.fr/bam-information/
Title:

Search URL Search Domain Scan URL

URL: http://www.ca-normandie-seine.fr/faq.html
Title: Foire Aux Questions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.id/3q2wk Page URL
http://creditagri.temp.swtest.ru/ Page URL
https://urlz.fr/8Xpc HTTP 301
http://urlz.fr/8Xpc Page URL
http://u335221ftd.ha002.t.justns.ru/voice HTTP 301
http://u335221ftd.ha002.t.justns.ru/voice/ HTTP 302
http://u335221ftd.ha002.t.justns.ru/voice/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://urlz.fr/8Xpc HTTP 301
http://urlz.fr/8Xpc

Request Chain 5

http://u335221ftd.ha002.t.justns.ru/voice HTTP 301
http://u335221ftd.ha002.t.justns.ru/voice/ HTTP 302
http://u335221ftd.ha002.t.justns.ru/voice/index.html

Request Chain 14

http://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
http://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 17

http://id5-sync.com/i/12/9.gif HTTP 302
http://id5-sync.com/c/12/0/9/1.gif HTTP 302
http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID HTTP 302
http://id5-sync.com/c/12/2/8/2.gif?puid=6138586583758853420 HTTP 302
http://c1.adform.net/serving/cookie/match?party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
http://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
http://id5-sync.com/c/12/10/7/3.gif?puid=1062095123307142847 HTTP 302
http://ads.creative-serving.com/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D

Request Chain 21

http://u335221ftd.ha002.t.justns.ru/voice HTTP 301
http://u335221ftd.ha002.t.justns.ru/voice/ HTTP 302
http://u335221ftd.ha002.t.justns.ru/voice/index.html

Request Chain 30

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

Request Chain 31

https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Dfbdfa1ee-78fa-4ade-80ad-ae009ea5a47e HTTP 302
https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Dfbdfa1ee-78fa-4ade-80ad-ae009ea5a47e HTTP 302
https://s.cpx.to/sync?dsp=avocet&dsp_uid=953a1450-5cf6-48fb-bd8f-8e196e0e7a41&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e

Request Chain 32

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e&google_tc= HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e&google_gid=CAESENGIzGGlZ2ax9akLBqaVpik&google_cver=1

Request Chain 33

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fcreditagri.temp.swtest.ru%252F%26hn_ver%3D10%26fid%3Dfbdfa1ee-78fa-4ade-80ad-ae009ea5a47e HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253Dhttp%25253A%25252F%25252Fcreditagri.temp.swtest.ru%25252F%2526hn_ver%253D10%2526fid%253Dfbdfa1ee-78fa-4ade-80ad-ae009ea5a47e HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=6138586583758853420&pid=11528&ref=http%3A%2F%2Fcreditagri.temp.swtest.ru%2F&hn_ver=10&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e

Request Chain 34

https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Dfbdfa1ee-78fa-4ade-80ad-ae009ea5a47e HTTP 302
https://s.cpx.to/sync?dsp=amobee&dsp_uid=2435221858742669530&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e

Request Chain 35

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dfbdfa1ee-78fa-4ade-80ad-ae009ea5a47e HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dfbdfa1ee-78fa-4ade-80ad-ae009ea5a47e HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=8F8EAE39-1A06-4477-AC1B-37EDEE731DF7&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e

Request Chain 44

http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false HTTP 301
https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set 3q2wk Show response
s.id/ 2 KB
2 KB 1067ms
674ms Document
text/html 203.119.112.228
Pengelola Nama Do...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.id/3q2wk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.119.112.228 , Indonesia, ASN56088 (PANDI-ID PANDI - Pengelola Nama Domain Internet Indonesia, ID),
Reverse DNS: s.id.112.119.203.in-addr.arpa
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: bc654a36db2e1d367d0e5d978daed55b7bda58d10fef95df8acbea4b7eef6f50

Request headers

Host: s.id
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 22 Feb 2019 11:53:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Set-Cookie: XSRF-TOKEN=eyJpdiI6IndJeFZzMitOU216ajUwelNyTEgzcEE9PSIsInZhbHVlIjoicVhPYlVOUWR2bnR6Y2VxbnNlRmJZWHZsdVNZTnlya2x1UTljM0xWUWVENGRqaDVxdkJURFpmUWNUVTd6RzVcLzJIaGpiUSs2bW1oODRYN25UMU9VZGlRPT0iLCJtYWMiOiI1NjNlODIxMjhjNzE2YjZlMGQzOWM0OGY5ZjVlNzQxNWY2MTU0NTEyMTY1ZmQwMWJlMTIxNGNlYTdlODAxM2E4In0%3D; expires=Fri, 22-Feb-2019 13:53:32 GMT; Max-Age=7200; path=/ major_tom=eyJpdiI6InhIdk9oOVF5TWNQT3RHMTZPRkU2Znc9PSIsInZhbHVlIjoiOGo4M0thTmloWGtobytTTFBLK3ppaUxQWDVwXC8yUllLUFlrclhMcmJ0cktNbWpPUlA4SkJXT0ZxMWxsUmhLTm14amRVSGR0ekdsZDM2XC83VU5GZW5lZz09IiwibWFjIjoiYTEzZWYzMTRhN2NmMmE3OGNiZjFlM2U4OWNjNjQ3NjE2NDdkOWNkYmRhYTA1YjE2NzM5NTU3ZGMwZmI5NDRhYyJ9; expires=Fri, 22-Feb-2019 13:53:32 GMT; Max-Age=7200; path=/; httponly
Content-Encoding: gzip

GET piwik.js
analytics.s.id/ 0
0

GET
H/1.1 200
OK /
creditagri.temp.swtest.ru/ 64 B
337 B 195ms
68ms Document
text/html 77.222.61.40
SWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://creditagri.temp.swtest.ru/
Requested by: Host: s.id
URL: https://s.id/3q2wk
Protocol: HTTP/1.1
Server: 77.222.61.40 , Russian Federation, ASN44112 (SWEB-AS, RU),
Reverse DNS: vh222.sweb.ru
Software: nginx/1.15.2 /
Resource Hash

Request headers

Host: creditagri.temp.swtest.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.15.2
Date: Fri, 22 Feb 2019 11:53:33 GMT
Content-Type: text/html
Content-Length: 64
Connection: keep-alive
Keep-Alive: timeout=10
Last-Modified: Tue, 19 Feb 2019 11:54:53 GMT
ETag: "120ba5e-40-5823de8c96217"
Accept-Ranges: bytes

GET
H/1.1

200
OK

8Xpc Show response
urlz.fr/
Redirect Chain

https://urlz.fr/8Xpc
http://urlz.fr/8Xpc

3 KB
1 KB

37ms
31ms

Document
text/html

2606:4700:31::681f:bb2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://urlz.fr/8Xpc
Protocol: HTTP/1.1
Server: 2606:4700:31::681f:bb2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d40554f32d79318570deb113b99cfd2572316bec25d07f541ca5948c6a291f58

Request headers

Host: urlz.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://creditagri.temp.swtest.ru/
Accept-Encoding: gzip, deflate
Cookie: __cfduid=d33021ed7b3cfb6f812507f9952a4bcf71550836413
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://creditagri.temp.swtest.ru/

Response headers

Date: Fri, 22 Feb 2019 11:53:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: cloudflare
CF-RAY: 4ad140c09c4a274a-FRA
Content-Encoding: gzip

Redirect headers

status: 301
date: Fri, 22 Feb 2019 11:53:33 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d33021ed7b3cfb6f812507f9952a4bcf71550836413; expires=Sat, 22-Feb-20 11:53:33 GMT; path=/; domain=.urlz.fr; HttpOnly
location: http://urlz.fr/8Xpc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4ad140bf2ef6becb-FRA

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/ 11 KB
4 KB 34ms
15ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js

Requested by

Host: urlz.fr
URL: http://urlz.fr/8Xpc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Feb 2019 11:53:33 GMT
content-encoding: gzip
last-modified: Mon, 18 Feb 2019 17:46:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c6aef90-2d8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 4ad140c0f82c9aac-FRA
expires: Sun, 24 Feb 2019 11:53:33 GMT

GET
H/1.1

200
OK

index.html
u335221ftd.ha002.t.justns.ru/voice/ Frame 7D50
Redirect Chain

http://u335221ftd.ha002.t.justns.ru/voice
http://u335221ftd.ha002.t.justns.ru/voice/
http://u335221ftd.ha002.t.justns.ru/voice/index.html

0
0

85ms
43ms

Document
text/html

2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Requested by: Host: urlz.fr
URL: http://urlz.fr/8Xpc
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Host: u335221ftd.ha002.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/8Xpc
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8Xpc

Response headers

ETag: "55d5-5c6bed5e-cfda12cdb844c7b8;gz"
Last-Modified: Tue, 19 Feb 2019 11:49:50 GMT
Content-Type: text/html
Content-Length: 6653
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Date: Fri, 22 Feb 2019 11:53:34 GMT
Server: LiteSpeed
Connection: close

Redirect headers

Location: index.html
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Fri, 22 Feb 2019 11:53:34 GMT
Server: LiteSpeed
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Vary: User-Agent
Connection: close

GET
H/1.1 200
OK requestform.js Show response
ads.themoneytizer.com/s/ 43 KB
9 KB 30ms
9ms Script
text/html 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: 2dab93e85c921c8a853f19c5bfa32757e9f235f066e4756a7c914e5cba6619f4

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:33 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 23 Feb 2019 11:53:33 GMT

GET
H/1.1 200
OK gen.js Show response
ads.themoneytizer.com/s/ 6 KB
2 KB 40ms
7ms Script
text/html 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.themoneytizer.com/s/gen.js?type=28
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/cb7744ae/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: NetDNA-cache/2.2 / PHP/5.4.45
Resource Hash: dd76fdd2142192064e0af855f1b21bdad5ed9e807f053e813827e601404a83cb

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:52:51 GMT
Content-Encoding: gzip
Server: NetDNA-cache/2.2
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/html; charset=UTF-8
Cache-control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2186
Expires: Sat, 23 Feb 2019 11:52:51 GMT

GET
H/1.1 200
OK /
g.tmyzer.com/g/ 26 B
200 B 365ms
28ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://g.tmyzer.com/g/
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 145.239.193.145 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:34 GMT
Server: nginx
X-IPLB-Instance: 15014
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 47ms
8ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Feb 2019 11:53:34 GMT
content-encoding: gzip
last-modified: Tue, 03 Oct 2017 20:38:26 GMT
server: nginx
etag: "779a-308e-55aaa791f67cd"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Sat, 23 Feb 2019 11:53:26 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 50ms
14ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Feb 2019 11:53:34 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2017 18:31:28 GMT
server: nginx
etag: "7ff1-9390-561427db3104d"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Sat, 23 Feb 2019 11:52:38 GMT

GET
H/1.1 200
OK getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 78ms
24ms Script
application/x-javascript 74.214.194.132
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Feb 2019 11:53:34 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 64ms
9ms Script
application/javascript 143.204.214.103
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://p.cpx.to/p/11528/px.js?r=1d962
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 143.204.214.103 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 01 Jan 2019 02:00:10 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 2108521
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: 7RJ6UfAKVSjtoHXIkwasYQIb0XKocQ_Njeu13Sy_9bJSCyZFmfRSAw==

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
25 KB 131ms
8ms Script
text/javascript 143.204.208.65
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 143.204.208.65 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-208-65.fra53.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 18 Feb 2019 16:55:05 GMT
Via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 68302
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: iAMaFxTZRGkpDGj5BnScH-N5G19KoaHDeNnDR1wuaS__M6Dn5GWpAQ==

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

http://ww1097.smartadserver.com/config.js?nwid=1097
http://ced-ns.sascdn.com/diff/js/smart.js

23 KB
8 KB

59ms
8ms

Script
application/x-javascript

68.232.35.16
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://ced-ns.sascdn.com/diff/js/smart.js
Protocol: HTTP/1.1
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E6) /
Resource Hash: 26517193e17e52b864db99512527c75112afb1290eee8b7d4548e23082f0e876

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:34 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Feb 2019 13:12:51 GMT
Server: ECS (fcn/40E6)
X-N: S
Etag: "18d57cd29660668e0675302a0f212fc1:1549890771"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 7698

Redirect headers

Location: http://ced-ns.sascdn.com/diff/js/smart.js
Date: Fri, 22 Feb 2019 11:53:34 GMT
Cache-Control: public, no-cache="Set-Cookie", max-age=3600
Content-Type: text/html; charset=utf-8
ETag: "B3AD475326B8B47FBDD93996AA846475"
Content-Length: 158
Expires: Fri, 22 Feb 2019 12:53:34 GMT

GET
H/1.1 200
OK sync Show response
gum.criteo.com/ 49 B
305 B 47ms
14ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:34 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Content-Length: 49
Expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 69ms
20ms Script
application/javascript 147.135.143.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/gen.js?type=28
Protocol: HTTP/1.1
Server: 147.135.143.44 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:34 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 13167
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET

id5_cm
ads.creative-serving.com/
Redirect Chain

http://id5-sync.com/i/12/9.gif
http://id5-sync.com/c/12/0/9/1.gif
http://ib.adnxs.com/getuid?http://id5-sync.com/c/12/2/8/2.gif?puid=$UID
http://id5-sync.com/c/12/2/8/2.gif?puid=6138586583758853420
http://c1.adform.net/serving/cookie/match?party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D
http://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D
http://id5-sync.com/c/12/10/7/3.gif?puid=1062095123307142847
http://ads.creative-serving.com/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D

0
0

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 12 KB
6 KB 145ms
9ms Script
application/x-javascript 18.185.14.252
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 18.185.14.252 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-185-14-252.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22-Feb-2019 11:53:34 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Fri, 01 Mar 2019 11:53:34 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid1_39/build/dist/ 262 KB
83 KB 11ms
10ms Script
text/javascript 151.139.241.23
HWNG

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN12989 (HWNG, NL),
Reverse DNS
Software: nginx /
Resource Hash: 07370fa9f43186d0cc01f9c8ff0729fc54e1e20c24658d27d5ad04aee5195c37

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Feb 2019 11:53:34 GMT
content-encoding: gzip
last-modified: Thu, 14 Feb 2019 11:56:01 GMT
server: nginx
etag: "2040b-41776-581d957a465c8"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 84535
expires: Sat, 23 Feb 2019 11:53:04 GMT

GET
H/1.1 200
OK sdk.js Show response
player.pepsia.com/ 37 KB
37 KB 91ms
38ms Script
application/javascript 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/sdk.js?d=169150db857
Requested by: Host: s.id
URL: https://s.id/3q2wk
Protocol: HTTP/1.1
Server: 5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: 66171501c2a2df0ccfb7e034730b81578492b3508f54e05b0c3847e81c8b8bb2

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:34 GMT
Last-Modified: Tue, 19 Feb 2019 15:33:45 GMT
Server: nginx
Accept-Ranges: bytes
ETag: "5c6c21d9-9462"
Content-Length: 37986
Content-Type: application/javascript

GET
H/1.1

200
OK

index.html
u335221ftd.ha002.t.justns.ru/voice/ Frame BAB1
Redirect Chain

http://u335221ftd.ha002.t.justns.ru/voice
http://u335221ftd.ha002.t.justns.ru/voice/
http://u335221ftd.ha002.t.justns.ru/voice/index.html

0
0

41ms
41ms

Document
text/html

2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Requested by: Host: s.id
URL: https://s.id/3q2wk
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Host: u335221ftd.ha002.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/8Xpc
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8Xpc

Response headers

ETag: "55d5-5c6bed5e-cfda12cdb844c7b8;gz"
Last-Modified: Tue, 19 Feb 2019 11:49:50 GMT
Content-Type: text/html
Content-Length: 6653
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Date: Fri, 22 Feb 2019 11:53:34 GMT
Server: LiteSpeed
Connection: close

Redirect headers

Location: index.html
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Fri, 22 Feb 2019 11:53:34 GMT
Server: LiteSpeed
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Vary: User-Agent
Connection: close

GET
H/1.1 200
OK image.php
www.noowho.com/ 1 KB
2 KB 220ms
147ms Image
image/gif 94.23.196.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.noowho.com/image.php?site=23690713&ref=http://creditagri.temp.swtest.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.23.196.203 , France, ASN16276 (OVH, FR),
Reverse DNS: serveur8.wilsoftech.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.22
Resource Hash: 5489fd68a74e873f4625f9020d0e9d31c8dea8cf98be50e050f058bf0e22aed0

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:57:15 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Apache/2.4.7 (Ubuntu)
Connection: close
X-Powered-By: PHP/5.5.9-1ubuntu4.22
Content-Length: 1481
Content-Type: image/gif

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 946 B
1 KB 161ms
31ms Script
text/plain 54.229.43.73
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=11528&ref=http%3A%2F%2Fcreditagri.temp.swtest.ru%2F&hn_ver=10&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
Requested by: Host: p.cpx.to
URL: http://p.cpx.to/p/11528/px.js?r=1d962
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: 9c7a90a3a0b5db090bbd3a7759f18253a626c91fcce34b6213bcdf5b02ec2675

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Feb 2019 11:53:34 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 946
Expires: Tue, 05 Feb 2019 11:29:18 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 372 B
1 KB 124ms
74ms XHR
application/json 185.33.223.198
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js

Protocol

HTTP/1.1

Server

185.33.223.198 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

dc66e9b551b86b18c315fdd3c4d67c80615812ba484ae2cb9508376f35fa13be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://urlz.fr/8Xpc
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Feb 2019 11:53:36 GMT
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 310.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.9:80
AN-X-Request-Uuid: 02a28cd1-b7af-4896-b79e-d58a29c87294
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 372
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ 67 B
547 B 367ms
292ms XHR
application/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=5224337&componentId=mustang&timestamp=1550836414686&pKey=-921121887&_fw_gdpr_consent=undefined&loc=http%3A%2F%2Furlz.fr%2F8Xpc&playerSize=640x480&
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 2.18.234.233 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: http://urlz.fr/8Xpc
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Feb 2019 11:53:35 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1550836414729098-21
Expires: Fri, 22 Feb 2019 11:53:35 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 255 B
2 KB 127ms
63ms XHR
application/json 213.19.162.31
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078226&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=2a11bb9f-178f-43ab-b42b-930b4ff747dc&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.10249139797373297
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: ee3c3fc910cc5cadabd0889d9b7a9e94391e182eede8abfe9b4cc3b69235ed90

Request headers

Referer: http://urlz.fr/8Xpc
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Feb 2019 11:53:34 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=9
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 255 B
2 KB 106ms
42ms XHR
application/json 213.19.162.31
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1078310&size_id=2&p_pos=unknown&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v1.39.0&x_source.tid=78b017cb-cb59-4623-bc3b-c30e71b5255c&p_screen_res=1600x1200&rp_floor=0.37&rp_secure=0&slots=1&rand=0.5189087904398928
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Protocol: HTTP/1.1
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 396e5df7aaa00463e39a6fb6515810f0548cc453dbf58e141b3521dc7e09072b

Request headers

Referer: http://urlz.fr/8Xpc
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Feb 2019 11:53:34 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=5
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK wckr.php
tag.leadplace.fr/ Frame CBFD 0
0 28ms
21ms Document
text/html 147.135.143.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Requested by: Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28
Protocol: HTTP/1.1
Server: 147.135.143.44 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: tag.leadplace.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/8Xpc
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8Xpc

Response headers

Server: nginx/1.14.2
Date: Fri, 22 Feb 2019 11:53:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Instance: 13167

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 44ms
5ms Script
text/javascript 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: ads.themoneytizer.com
URL: http://ads.themoneytizer.com/s/requestform.js?siteId=15056&formatId=28

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 21 Feb 2019 12:00:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 85997
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 30186
X-XSS-Protection: 1; mode=block
Expires: Fri, 21 Feb 2020 12:00:17 GMT

GET
H2

200

rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js

1 KB
948 B

25ms
6ms

Script
application/x-javascript

2600:9000:200d:2800:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:2800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Feb 2019 11:29:27 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 1447
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: fVhlEK-r_eQNtFOyw_VEwYYdbSPK4Q0kr6l0-x182wZmVh5USN8j7w==
via: 1.1 bd5652a800046ffa43683320c0e731b4.cloudfront.net (CloudFront)

Redirect headers

Date: Fri, 22 Feb 2019 11:53:34 GMT
Via: 1.1 affe26bf02a36a4a45ea1eb3ce2b4a62.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Connection: keep-alive
Content-Length: 183
X-Amz-Cf-Id: SBdVB4UCJjo3u0j13q3xQS_I2ITSgtJ5cz7O5vApcY1uc0X7_c_p5g==

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Dfbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Dfbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
https://s.cpx.to/sync?dsp=avocet&dsp_uid=953a1450-5cf6-48fb-bd8f-8e196e0e7a41&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e

95 B
647 B

80ms
31ms

Image
image/png

54.229.43.73
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=avocet&dsp_uid=953a1450-5cf6-48fb-bd8f-8e196e0e7a41&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Feb 2019 11:53:35 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Fri, 22 Feb 2019 11:53:35 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=avocet&dsp_uid=953a1450-5cf6-48fb-bd8f-8e196e0e7a41&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
Date: Fri, 22 Feb 2019 11:53:34 GMT
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 149
P3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e&google_tc=
https://s.cpx.to/ca.png?dsp=dbm&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e&google_gid=CAESENGIzGGlZ2ax9akLBqaVpik&google_cver=1

95 B
492 B

35ms
34ms

Image
image/png

54.229.43.73
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/ca.png?dsp=dbm&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e&google_gid=CAESENGIzGGlZ2ax9akLBqaVpik&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:34 GMT
Server: akka-http/2.4.17
Connection: keep-alive
Content-Length: 95
Content-Type: image/png

Redirect headers

pragma: no-cache
date: Fri, 22 Feb 2019 11:53:34 GMT
server: HTTP server (unknown)
location: https://s.cpx.to/ca.png?dsp=dbm&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e&google_gid=CAESENGIzGGlZ2ax9akLBqaVpik&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 334
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D11528%26ref%3Dhttp%253A%252F%252Fcreditagri.temp.swtest.ru%252F%26hn_ver%3D10%26fid%3Dfbdfa1ee-78fa...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D11528%2526ref%253Dhttp%25253A%25252F%25252Fcreditagri.temp.swtest.ru%...
https://s.cpx.to/an_fire?app_nexus_uid=6138586583758853420&pid=11528&ref=http%3A%2F%2Fcreditagri.temp.swtest.ru%2F&hn_ver=10&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e

95 B
633 B

82ms
31ms

Image
image/png

54.229.43.73
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/an_fire?app_nexus_uid=6138586583758853420&pid=11528&ref=http%3A%2F%2Fcreditagri.temp.swtest.ru%2F&hn_ver=10&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Feb 2019 11:53:34 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Fri, 22 Feb 2019 11:53:34 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 22 Feb 2019 11:53:36 GMT
AN-X-Request-Uuid: e9ab96d8-3740-4900-b188-ed0d278dc7a8
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://s.cpx.to/an_fire?app_nexus_uid=6138586583758853420&pid=11528&ref=http%3A%2F%2Fcreditagri.temp.swtest.ru%2F&hn_ver=10&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.75:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Dfbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
https://s.cpx.to/sync?dsp=amobee&dsp_uid=2435221858742669530&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e

95 B
630 B

73ms
31ms

Image
image/png

54.229.43.73
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=amobee&dsp_uid=2435221858742669530&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Feb 2019 11:53:34 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Fri, 22 Feb 2019 11:53:34 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=amobee&dsp_uid=2435221858742669530&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
Pragma: no-cache
Date: Fri, 22 Feb 2019 11:53:33 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dfbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Dfbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=8F8EAE39-1A06-4477-AC1B-37EDEE731DF7&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e

95 B
649 B

99ms
31ms

Image
image/png

54.229.43.73
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=8F8EAE39-1A06-4477-AC1B-37EDEE731DF7&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Feb 2019 11:53:35 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Fri, 22 Feb 2019 11:53:35 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=8F8EAE39-1A06-4477-AC1B-37EDEE731DF7&fid=fbdfa1ee-78fa-4ade-80ad-ae009ea5a47e
Date: Fri, 22 Feb 2019 11:53:35 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 448
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK / Show response
player.pepsia.com/V2/ 42 KB
15 KB 47ms
45ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/V2/?token=00I4&autoplay=1&logo=true&volume=1&api=1&id=0&origin=http://urlz.fr&d=169150db94d
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=169150db857
Protocol: HTTP/1.1
Server: 5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash: dd662b6e50e8121af3a3fcdb888012d0eadcefde358452e9b2f45e9980d86325

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8Xpc
Origin: http://urlz.fr

Response headers

Access-Control-Allow-Origin: http://urlz.fr
Date: Fri, 22 Feb 2019 11:53:34 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK algo.php
player.pepsia.com/V2/ 1 KB
675 B 108ms
60ms XHR
text/html 5.179.192.20
ASPSERVEUR-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://player.pepsia.com/V2/algo.php?token=00I4&num=9&origin=http://urlz.fr&d=169150db94e
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=169150db857
Protocol: HTTP/1.1
Server: 5.179.192.20 , France, ASN34235 (ASPSERVEUR-AS, FR),
Reverse DNS: 5-179-192-20.dynamixhost.net
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8Xpc
Origin: http://urlz.fr

Response headers

Access-Control-Allow-Origin: http://urlz.fr
Date: Fri, 22 Feb 2019 11:53:34 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK notifyme.php
adtrack.adleadevent.com/ 0
517 B 183ms
42ms XHR
application/x-javascript 79.125.104.115
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.104.115 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-79-125-104-115.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://urlz.fr/8Xpc
Origin: http://urlz.fr
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Feb 2019 11:53:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Feb 2019 11:53:34 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://urlz.fr
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js
www.google-analytics.com/ Frame 575C 43 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s.id
URL: https://s.id/3q2wk

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 4921
date: Fri, 22 Feb 2019 10:31:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17543
expires: Fri, 22 Feb 2019 12:31:33 GMT

GET
H2 200 all.js
api.dmcdn.net/ Frame 575C 27 KB
9 KB 145ms
42ms Script
application/x-javascript 95.140.239.36
Limelight Networks

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dmcdn.net/all.js
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=169150db857
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.140.239.36 , United Kingdom, ASN22822 (LLNW - Limelight Networks, Inc., US),
Reverse DNS: https-95-140-239-36.cdg.llnw.net
Software: DMS/1.0.42 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8Xpc
Origin: http://urlz.fr

Response headers

date: Fri, 22 Feb 2019 11:53:34 GMT
content-encoding: gzip
last-modified: Thu, 20 Sep 2018 10:48:47 GMT
server: DMS/1.0.42
age: 4256806
etag: "5ba37b0f-6d98"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=43200, s-maxage=3600
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9279
expires: Fri, 04 Jan 2019 06:26:48 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ Frame 575C 18 KB
18 KB 71ms
21ms Font
font/woff2 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: player.pepsia.com
URL: http://player.pepsia.com/sdk.js?d=169150db857
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8Xpc
Origin: http://urlz.fr

Response headers

date: Fri, 22 Feb 2019 11:53:34 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin: *
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 18056

GET
DATA 200
OK truncated
/ Frame 575C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK favicon.ico
www.ca-aquitaine.fr/ Frame 575C 766 B
783 B 127ms
27ms Image
image/vnd.microsoft.icon 158.191.172.76

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ca-aquitaine.fr/favicon.ico

Requested by

Host: urlz.fr
URL: http://urlz.fr/8Xpc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

158.191.172.76 , France, ASN9159 (, FR),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://urlz.fr/8Xpc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 20 Oct 2007 10:32:50 GMT
Server: Apache
ETag: "2fe-43cea2c528303"
Vary: Accept-Encoding
P3P: CP="ALL DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/vnd.microsoft.icon
Keep-Alive: timeout=5, max=100
Content-Length: 224
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

Primary Request index.html Show response
u335221ftd.ha002.t.justns.ru/voice/
Redirect Chain

http://u335221ftd.ha002.t.justns.ru/voice
http://u335221ftd.ha002.t.justns.ru/voice/
http://u335221ftd.ha002.t.justns.ru/voice/index.html

21 KB
7 KB

83ms
41ms

Document
text/html

2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Requested by: Host: s.id
URL: https://s.id/3q2wk
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 513338f7ad46596ec12a717a06ccff98f54a7f4ffec67085d5b52e9ed9bf7f09

Request headers

Host: u335221ftd.ha002.t.justns.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://urlz.fr/8Xpc
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://urlz.fr/8Xpc

Response headers

ETag: "55d5-5c6bed5e-cfda12cdb844c7b8;gz"
Last-Modified: Tue, 19 Feb 2019 11:49:50 GMT
Content-Type: text/html
Content-Length: 6653
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Date: Fri, 22 Feb 2019 11:53:35 GMT
Server: LiteSpeed
Connection: close

Redirect headers

Location: index.html
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Fri, 22 Feb 2019 11:53:35 GMT
Server: LiteSpeed
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Vary: User-Agent
Connection: close

GET

embed
www.dailymotion.com/ Frame 1AD0
Redirect Chain

http://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=f...
https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=...

0
0

GET ac
ww1097.smartadserver.com/ 0
0

GET /
c.tmyzer.com/c/ 0
0

GET
H/1.1 200
OK antiquus_002.css
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 26 KB
4 KB 87ms
41ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/antiquus_002.css
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a307d1f6262aaa120d2d8d18603e6b0eb9a7f58c2865d689a5a7c2d6b707fbbb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Feb 2019 11:50:04 GMT
Server: LiteSpeed
ETag: "66a1-5c6bed6c-6671f48bd8e7f48c;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3823
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 200
OK antiquus.css
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 26 KB
4 KB 88ms
42ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/antiquus.css
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a307d1f6262aaa120d2d8d18603e6b0eb9a7f58c2865d689a5a7c2d6b707fbbb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Feb 2019 11:50:03 GMT
Server: LiteSpeed
ETag: "66a1-5c6bed6b-b154fb99b0fa93b7;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3823
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 200
OK styles_002.css
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 78 KB
15 KB 87ms
41ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles_002.css
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f6b6ebd962eb5771760ecfd687419341e5cc2ae2275f27ec8ee18d238fe17b1f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Feb 2019 11:50:13 GMT
Server: LiteSpeed
ETag: "1372f-5c6bed75-e9325608d8186c99;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 15243
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 200
OK styles.css
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 78 KB
15 KB 87ms
42ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles.css
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6355d2f569635d7ed7c4fa9286e79a5eb5ecc6b17d64f97e64687195a1d4e7c3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Feb 2019 11:50:13 GMT
Server: LiteSpeed
ETag: "13738-5c6bed75-cd58c8c693031ce1;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 15254
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 200
OK styles-mod_002.css
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 12 KB
4 KB 88ms
42ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles-mod_002.css
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: be75bd4ece74fdb044d991fed3ebe153c99009970c90a171b24d2d8949e28bd8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Feb 2019 11:50:11 GMT
Server: LiteSpeed
ETag: "2f03-5c6bed73-231935285e61ebe8;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3400
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 200
OK styles-mod.css
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 12 KB
4 KB 88ms
42ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles-mod.css
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5a812b6d079563d5007a74f2e8a6fb3cb465b65e5199dc8976d9306e664e6fee

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Feb 2019 11:50:11 GMT
Server: LiteSpeed
ETag: "2f0a-5c6bed73-9b338cb53b0e6d0a;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3404
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 200
OK stb.css
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 3 KB
1 KB 130ms
41ms Stylesheet
text/css 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/stb.css
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 82bb557cf480b5f06d375306fdf9fb8bdfd9c3139250eeac4c56e65435cdddb3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Feb 2019 11:50:10 GMT
Server: LiteSpeed
ETag: "a56-5c6bed72-1b32b49c708a4bbf;gz"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 885
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 404
Not Found infosbulle.js
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 0
0 130ms
42ms Script
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/infosbulle.js
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: close
Content-Length: 488
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 200
OK siteon0.gif
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 8 KB
8 KB 42ms
41ms Image
image/gif 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/siteon0.gif
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5e6e4b59e776656c913d4f6fa9e5c586678c9954a2b75fc287752ee9b6e976d2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Last-Modified: Tue, 19 Feb 2019 11:50:09 GMT
Server: LiteSpeed
ETag: "1fc0-5c6bed71-2c9b7f37999a8766;;;"
Vary: User-Agent
Content-Type: image/gif
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 8128
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 200
OK a.jpeg
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 32 KB
32 KB 42ms
41ms Image
image/jpeg 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/a.jpeg
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 4400157cffc868a23c307b80c36d8b849473c3a8905661496c6ed3de54470d20

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Last-Modified: Tue, 19 Feb 2019 11:50:02 GMT
Server: LiteSpeed
ETag: "7e81-5c6bed6a-f1ef6bc27b9aa47e;;;"
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 32385
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 200
OK point_transp.gif
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 87 B
437 B 42ms
41ms Image
image/gif 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/point_transp.gif
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7a1a0dc539a9129f3ce1a26e7598a54217d8c8c0291f1a267976dcdad89bbe57

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Last-Modified: Tue, 19 Feb 2019 11:50:09 GMT
Server: LiteSpeed
ETag: "57-5c6bed71-b7909f0c1edae063;;;"
Vary: User-Agent
Content-Type: image/gif
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 87
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 200
OK hit.gif
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 43 B
393 B 43ms
42ms Image
image/gif 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/hit.gif
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Last-Modified: Tue, 19 Feb 2019 11:50:06 GMT
Server: LiteSpeed
ETag: "2b-5c6bed6e-5665a5088ecb99f4;;;"
Vary: User-Agent
Content-Type: image/gif
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 404
Not Found main_repeat.png
u335221ftd.ha002.t.justns.ru/voice/img/ 661 B
661 B 42ms
41ms Image
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/img/main_repeat.png
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 75aa5beb0c5b767387b5b9d5d3dd2c1b39e2cc68bce31e16ba31ee132f757888

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: close
Content-Length: 475
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 200
OK entete_light.png
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 411 B
763 B 42ms
41ms Image
image/png 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/entete_light.png
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9fcab327f6ceaf3b22cde395516929fa4a054ce134c67d0c0788b07a240e38ff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles-mod.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles-mod.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Last-Modified: Tue, 19 Feb 2019 11:50:05 GMT
Server: LiteSpeed
ETag: "19b-5c6bed6d-fce7afa421561462;;;"
Vary: User-Agent
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 411
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 200
OK main_haut.png
u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/ 143 B
494 B 84ms
41ms Image
image/png 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/main_haut.png
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c2eb575af2dd8cbf678afc27903c39d00e4083a82f2f340e6e7eaebb2c6b7131

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Last-Modified: Tue, 19 Feb 2019 11:50:08 GMT
Server: LiteSpeed
ETag: "8f-5c6bed70-16bcd5178372d165;;;"
Vary: User-Agent
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 143
Expires: Fri, 01 Mar 2019 11:53:35 GMT

GET
H/1.1 404
Not Found bloc_arrond_bas.png
u335221ftd.ha002.t.justns.ru/voice/img/ 665 B
665 B 76ms
41ms Image
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/img/bloc_arrond_bas.png
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7d90f96e1ba4871d1f50cbbdef54766c37b9f38c8ebf8ff1406146121daf496f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: close
Content-Length: 479
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 404
Not Found bloc_arrond_haut.png
u335221ftd.ha002.t.justns.ru/voice/img/ 666 B
666 B 76ms
41ms Image
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/img/bloc_arrond_haut.png
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6650a06e7f62257a60e7f94fa8128f5b4a99aa77b75fce522bd6b326faf498d9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: close
Content-Length: 480
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 404
Not Found thead.png
u335221ftd.ha002.t.justns.ru/voice/img/ 655 B
655 B 72ms
41ms Image
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/img/thead.png
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 10db91a65ce3a1043d423244179b1edcf085f99624fcb52ca94e2b78bc5f7e84

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles-mod.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles-mod.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: close
Content-Length: 469
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

GET
H/1.1 404
Not Found bg_form.png
u335221ftd.ha002.t.justns.ru/voice/img/ 657 B
657 B 76ms
41ms Image
text/html 2a00:b700::6:b
ASBAXET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://u335221ftd.ha002.t.justns.ru/voice/img/bg_form.png
Requested by: Host: u335221ftd.ha002.t.justns.ru
URL: http://u335221ftd.ha002.t.justns.ru/voice/index.html
Protocol: HTTP/1.1
Server: 2a00:b700::6:b , Russian Federation, ASN51659 (ASBAXET, RU),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 2ab684fbc1328b02bec0140d5fca37ed8e0adbf3a46d9c561112628bc95c324c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: u335221ftd.ha002.t.justns.ru
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://u335221ftd.ha002.t.justns.ru/voice/entreeBam_fichiers/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Feb 2019 11:53:35 GMT
Content-Encoding: gzip
Server: LiteSpeed
Connection: close
Content-Length: 471
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.s.id
URL: https://analytics.s.id/piwik.js

Domain: ads.creative-serving.com
URL: http://ads.creative-serving.com/id5_cm?callback=http%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D

Domain: www.dailymotion.com
URL: https://www.dailymotion.com/embed?api=postMessage&autoplay-mute=true&autoplay=true&controls=false&endscreen-enable=false&id=player_screen_video&mute=true&origin=http%3A%2F%2Furlz.fr&sharing-enable=false&syndication=273739&ui-logo=false&ui-start-screen-info=false

Domain: ww1097.smartadserver.com
URL: http://ww1097.smartadserver.com/ac?nwid=1097&siteid=205724&pgid=890545&fmtid=30012&async=1&visit=m&tmstp=3545981367&tag=sas_30012&sh=1200&sw=1600&pgDomain=http%3A%2F%2Furlz.fr%2F8Xpc&noadcbk=sas.noad

Domain: c.tmyzer.com
URL: http://c.tmyzer.com/c/?s=15056&f=28&fi=0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Credit Agricole (Banking)

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.avocet.io
ads.creative-serving.com
ads.stickyadstv.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.cloudflare.com
ajax.googleapis.com
analytics.s.id
api.dmcdn.net
c.tmyzer.com
ced-ns.sascdn.com
cm.g.doubleclick.net
creditagri.temp.swtest.ru
d.turn.com
d2zur9cc2gf1tx.cloudfront.net
edge.quantserve.com
fastlane.rubiconproject.com
g.tmyzer.com
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
maxcdn.bootstrapcdn.com
p.cpx.to
player.pepsia.com
rules.quantcount.com
s.cpx.to
s.id
secure.adnxs.com
tag.contextweb.com
tag.leadplace.fr
u335221ftd.ha002.t.justns.ru
urlz.fr
ww1097.smartadserver.com
www.ca-aquitaine.fr
www.dailymotion.com
www.google-analytics.com
www.noowho.com
ads.creative-serving.com
analytics.s.id
c.tmyzer.com
ww1097.smartadserver.com
www.dailymotion.com
143.204.208.65
143.204.214.103
145.239.193.145
147.135.143.44
151.139.241.23
158.191.172.76
172.217.21.226
18.185.14.252
185.33.223.198
185.33.223.208
185.64.189.110
185.86.137.42
2.18.234.233
203.119.112.228
209.197.3.15
213.19.162.31
2600:9000:200d:2800:6:44e3:f8c0:93a1
2600:9000:200d:4e00:6:44e3:f8c0:93a1
2606:4700:31::681f:ab2
2606:4700:31::681f:bb2
2606:4700::6813:c597
2a00:1450:4001:809::200e
2a00:1450:4001:824::200a
2a00:b700::6:b
2a02:2638:1::13
46.228.164.13
5.179.192.20
52.30.162.218
54.229.43.73
68.232.35.16
74.214.194.132
77.222.61.40
79.125.104.115
94.23.196.203
95.140.239.36
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
07370fa9f43186d0cc01f9c8ff0729fc54e1e20c24658d27d5ad04aee5195c37
10db91a65ce3a1043d423244179b1edcf085f99624fcb52ca94e2b78bc5f7e84
26517193e17e52b864db99512527c75112afb1290eee8b7d4548e23082f0e876
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2ab684fbc1328b02bec0140d5fca37ed8e0adbf3a46d9c561112628bc95c324c
2dab93e85c921c8a853f19c5bfa32757e9f235f066e4756a7c914e5cba6619f4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3349f7ebfafd1cf105f9f4a41a1be792db6dfc5d754de2fbce192a2185486b73
396e5df7aaa00463e39a6fb6515810f0548cc453dbf58e141b3521dc7e09072b
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
4400157cffc868a23c307b80c36d8b849473c3a8905661496c6ed3de54470d20
513338f7ad46596ec12a717a06ccff98f54a7f4ffec67085d5b52e9ed9bf7f09
5489fd68a74e873f4625f9020d0e9d31c8dea8cf98be50e050f058bf0e22aed0
5a812b6d079563d5007a74f2e8a6fb3cb465b65e5199dc8976d9306e664e6fee
5e6e4b59e776656c913d4f6fa9e5c586678c9954a2b75fc287752ee9b6e976d2
6355d2f569635d7ed7c4fa9286e79a5eb5ecc6b17d64f97e64687195a1d4e7c3
66171501c2a2df0ccfb7e034730b81578492b3508f54e05b0c3847e81c8b8bb2
6650a06e7f62257a60e7f94fa8128f5b4a99aa77b75fce522bd6b326faf498d9
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
75aa5beb0c5b767387b5b9d5d3dd2c1b39e2cc68bce31e16ba31ee132f757888
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
7a1a0dc539a9129f3ce1a26e7598a54217d8c8c0291f1a267976dcdad89bbe57
7d90f96e1ba4871d1f50cbbdef54766c37b9f38c8ebf8ff1406146121daf496f
82bb557cf480b5f06d375306fdf9fb8bdfd9c3139250eeac4c56e65435cdddb3
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
9c7a90a3a0b5db090bbd3a7759f18253a626c91fcce34b6213bcdf5b02ec2675
9fcab327f6ceaf3b22cde395516929fa4a054ce134c67d0c0788b07a240e38ff
a307d1f6262aaa120d2d8d18603e6b0eb9a7f58c2865d689a5a7c2d6b707fbbb
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
bc654a36db2e1d367d0e5d978daed55b7bda58d10fef95df8acbea4b7eef6f50
be75bd4ece74fdb044d991fed3ebe153c99009970c90a171b24d2d8949e28bd8
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
c2eb575af2dd8cbf678afc27903c39d00e4083a82f2f340e6e7eaebb2c6b7131
d40554f32d79318570deb113b99cfd2572316bec25d07f541ca5948c6a291f58
dc66e9b551b86b18c315fdd3c4d67c80615812ba484ae2cb9508376f35fa13be
dd662b6e50e8121af3a3fcdb888012d0eadcefde358452e9b2f45e9980d86325
dd76fdd2142192064e0af855f1b21bdad5ed9e807f053e813827e601404a83cb
ee3c3fc910cc5cadabd0889d9b7a9e94391e182eede8abfe9b4cc3b69235ed90
f6b6ebd962eb5771760ecfd687419341e5cc2ae2275f27ec8ee18d238fe17b1f

u335221ftd.ha002.t.justns.ru Open in urlscan Pro 2a00:b700::6:b Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

27 %HTTPS

26 %IPv6

33 Domains

37 Subdomains

28 IPs

9 Countries

418 kBTransfer

1029 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

u335221ftd.ha002.t.justns.ru Open in urlscan Pro
2a00:b700::6:b Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

27 %
HTTPS

26 %
IPv6

33
Domains

37
Subdomains

28
IPs

9
Countries

418 kB
Transfer

1029 kB
Size

0
Cookies

66 HTTP transactions
1 data transactions